On 5/17/06, Tyler Durden <camera_lumina@hotmail.com> wrote:
> Well, I suspect they do a lot more before inspection, and use a statistical model to trigger whether they actually grab and backhaul any piece of traffic.
i'd love to know how much manpower is assigned to defining and tuning these filters. this is a difficult process to be sure.
> Clearly, this policy is going to be risk-model driven and will undergo periodic changes (implying too that NSA has their own LAN by which they download new policies remotely into the Narus boxes).
the SunFire V880 is the Narus controller according to the docs and i bet the filter updates are pretty frequent. they might even use an IPsec VPN over the backhaul fiber via the cisco/juniper switches listed.
> It would be "nice" too if their models fill up their available backhauling bandwidth.
indeed. and the StorEdge T3 could cache quite a bit during peak activity to fill up idle periods later at night. (oh crap, i hope we aren't giving them ideas! ;)
> What this means (to your point) is that merely building better crypto is only one axis to protect your privacy.
yes. it keeps that layer 7 inspection guessing past layer 4. a large, reputable zero knowledge mix is what would be ideal, though the latency induced makes certain services impossible or unfriendly. i love to promote out of band distribution any chance i get, including sneaker net with DVD-Rs and local wireless networks between peers. but you really need a zero knowledge configuration to be sure.
> ... With good enough crypto it's -possible- that you can thwart their attempts to actually read your email, and that's good because it forces them to decide whether they want to expend the big $$$ and risk exposure for a field operation.
i have faith in well designed hardware entropy sources and AES-256 in hardware when frequently rekeyed. pubkey crypto makes me nervous (long term) but will always be useful. i have much less faith in the systems around these crypto primitives, be it operating systems or protocols down to physical security and side channels. i bet the black bag jobs are almost always 100% effective.
> But the other axis is statistical (as you point out). It's far better to never get caught in the NSA driftnets in the first place. This means stego, this means P2P (hum...what if I had a P2P video of a document I wanted to transmit...NSA wouldn't be able to read that document, right?) this means (somehow) encouraging more crypto in more places so your traffic doesn't stick out.
100,000,000 peers running a zero knowledge mix off their broadband connection. i don't think stego would be effective; if there was an unbreakable stego system the overhead would be significant. (there was a design a fellow at DC13 described using inodes on valid file systems for storage, but this doesn't give you much space compared to the physical storage capacity used overall.) but lots of crypto everywhere would certainly help make the presence of encryption alone less interesting. (as has been rumored on this list and elsewhere, merely using encryption makes you interesting.)